GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
151 advisories
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented...
CVE-2020-4669 (Critical, Unreviewed) was published May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can...
CVE-2021-27573 (Critical, Unreviewed) was published May 24, 2022

Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a...
CVE-2021-26990 (Critical, Unreviewed) was published May 24, 2022

** DISPUTED ** Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access....
CVE-2021-28154 (Critical, Unreviewed) was published May 24, 2022

An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows...
CVE-2021-28141 (Critical, Unreviewed) was published May 24, 2022

The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by...
CVE-2020-35219 (Critical, Unreviewed) was published May 24, 2022

An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is...
CVE-2020-29551 (Critical, Unreviewed) was published May 24, 2022

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older),...
CVE-2020-28215 (Critical, Unreviewed) was published May 24, 2022

MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php...
CVE-2020-29006 (Critical, Unreviewed) was published May 24, 2022

An authorization bypass and PHP local-file-include vulnerability in the installation component of...
CVE-2020-7472 (Critical, Unreviewed) was published May 24, 2022

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
CVE-2020-26824 (Critical, Unreviewed) was published May 24, 2022

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
CVE-2020-26822 (Critical, Unreviewed) was published May 24, 2022

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
CVE-2020-26823 (Critical, Unreviewed) was published May 24, 2022

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
CVE-2020-26821 (Critical, Unreviewed) was published May 24, 2022

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain...
CVE-2020-28036 (Critical, Unreviewed) was published May 24, 2022

A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s):...
CVE-2020-7124 (Critical, Unreviewed) was published May 24, 2022

In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system....
CVE-2019-19885 (Critical, Unreviewed) was published May 24, 2022

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an...
CVE-2020-4499 (Critical, Unreviewed) was published May 24, 2022

Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting...
CVE-2020-11856 (Critical, Unreviewed) was published May 24, 2022

A malicious extension could have called browser.identity.launchWebAuthFlow,...
CVE-2020-6823 (Critical, Unreviewed) was published May 24, 2022

zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The...
CVE-2019-1010150 (Critical, Unreviewed) was published May 24, 2022

zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms...
CVE-2019-1010149 (Critical, Unreviewed) was published May 24, 2022

zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The...
CVE-2019-1010152 (Critical, Unreviewed) was published May 24, 2022

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts...
CVE-2022-22282 (Critical, Unreviewed) was published May 14, 2022

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file...
CVE-2018-8755 (Critical, Unreviewed) was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.